From 8cd416a18a1909d45cc6046196bc4692487fdc71 Mon Sep 17 00:00:00 2001
From: psykose <alice@ayaya.dev>
Date: Wed, 19 Apr 2023 19:58:35 +0000
Subject: [PATCH] main/libidn: fix build with werror=format-security

---
 main/libidn/APKBUILD              |   7 +-
 main/libidn/format-security.patch | 129 ++++++++++++++++++++++++++++++
 2 files changed, 134 insertions(+), 2 deletions(-)
 create mode 100644 main/libidn/format-security.patch

diff --git a/main/libidn/APKBUILD b/main/libidn/APKBUILD
index 98a39c98516..0a5d122f881 100644
--- a/main/libidn/APKBUILD
+++ b/main/libidn/APKBUILD
@@ -2,14 +2,16 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libidn
 pkgver=1.41
-pkgrel=2
+pkgrel=3
 pkgdesc="Encode/Decode library for internationalized domain names"
 url="https://www.gnu.org/software/libidn"
 arch="all"
 license="LGPL-2.1-or-later"
 checkdepends="diffutils"
 subpackages="$pkgname-dev $pkgname-doc"
-source="https://ftp.gnu.org/gnu/libidn/libidn-$pkgver.tar.gz"
+source="https://ftp.gnu.org/gnu/libidn/libidn-$pkgver.tar.gz
+	format-security.patch
+	"
 
 # secfixes:
 #   1.33-r0:
@@ -43,4 +45,5 @@ package() {
 
 sha512sums="
 765c42b64f10f0d84c0abecdce443baa9fdb80576179e3143bf56abde3f6c6149cc2c77e286e2e2a6ccf508914f30c2d5af258073168c0f886686e4fd85bbb47  libidn-1.41.tar.gz
+bc4fc4348ff87615d40cc535b35de6edfe4379720313df1de8d0041609307dec51b1d283da29b562f7d5ab8fd1934ad094ea5df8044341ad206009739e7751c9  format-security.patch
 "
diff --git a/main/libidn/format-security.patch b/main/libidn/format-security.patch
new file mode 100644
index 00000000000..1ebf736e1c9
--- /dev/null
+++ b/main/libidn/format-security.patch
@@ -0,0 +1,129 @@
+diff --git a/src/idn.c b/src/idn.c
+index 9e1e766..ea89ecb 100644
+--- a/src/idn.c
++++ b/src/idn.c
+@@ -170,7 +170,7 @@ main (int argc, char *argv[])
+       (args_info.nfkc_given ? 1 : 0) != 1)
+     {
+       error (0, 0,
+-	     _("only one of -s, -e, -d, -a, -u or -n can be specified"));
++	     "%s", _("only one of -s, -e, -d, -a, -u or -n can be specified"));
+       usage (EXIT_FAILURE);
+     }
+ 
+@@ -183,7 +183,7 @@ main (int argc, char *argv[])
+ 
+   if (!args_info.quiet_given
+       && args_info.inputs_num == 0 && isatty (fileno (stdin)))
+-    fprintf (stderr, _("Type each input string on a line by itself, "
++    fprintf (stderr, "%s", _("Type each input string on a line by itself, "
+ 		       "terminated by a newline character.\n"));
+ 
+   do
+@@ -195,7 +195,7 @@ main (int argc, char *argv[])
+ 	  if (feof (stdin))
+ 	    break;
+ 
+-	  error (EXIT_FAILURE, errno, _("input error"));
++	  error (EXIT_FAILURE, errno, "%s", _("input error"));
+ 	}
+ 
+       if (strlen (line) > 0)
+@@ -213,7 +213,7 @@ main (int argc, char *argv[])
+ 	  if (!q)
+ 	    {
+ 	      free (p);
+-	      error (EXIT_FAILURE, 0,
++	      error (EXIT_FAILURE, 0, "%s",
+ 		     _("could not convert from UTF-8 to UCS-4"));
+ 	    }
+ 
+@@ -238,7 +238,7 @@ main (int argc, char *argv[])
+ 	  if (!q)
+ 	    {
+ 	      free (r);
+-	      error (EXIT_FAILURE, 0,
++	      error (EXIT_FAILURE, 0, "%s",
+ 		     _("could not convert from UTF-8 to UCS-4"));
+ 	    }
+ 
+@@ -275,7 +275,7 @@ main (int argc, char *argv[])
+ 	  q = stringprep_utf8_to_ucs4 (p, -1, &len);
+ 	  free (p);
+ 	  if (!q)
+-	    error (EXIT_FAILURE, 0,
++	    error (EXIT_FAILURE, 0, "%s",
+ 		   _("could not convert from UTF-8 to UCS-4"));
+ 
+ 	  if (args_info.debug_given)
+@@ -334,7 +334,7 @@ main (int argc, char *argv[])
+ 	  r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
+ 	  free (q);
+ 	  if (!r)
+-	    error (EXIT_FAILURE, 0,
++	    error (EXIT_FAILURE, 0, "%s",
+ 		   _("could not convert from UCS-4 to UTF-8"));
+ 
+ 	  p = stringprep_utf8_to_locale (r);
+@@ -358,14 +358,14 @@ main (int argc, char *argv[])
+ 	  q = stringprep_utf8_to_ucs4 (p, -1, NULL);
+ 	  free (p);
+ 	  if (!q)
+-	    error (EXIT_FAILURE, 0,
++	    error (EXIT_FAILURE, 0, "%s",
+ 		   _("could not convert from UCS-4 to UTF-8"));
+ 
+ 	  if (args_info.debug_given)
+ 	    {
+ 	      size_t i;
+ 	      for (i = 0; q[i]; i++)
+-		fprintf (stderr, "input[%lu] = U+%04x\n",
++		fprintf (stderr, "%s", "input[%lu] = U+%04x\n",
+ 			 (unsigned long) i, q[i]);
+ 	    }
+ 
+@@ -436,7 +436,7 @@ main (int argc, char *argv[])
+ 	  if (!q)
+ 	    {
+ 	      free (p);
+-	      error (EXIT_FAILURE, 0,
++	      error (EXIT_FAILURE, 0, "%s",
+ 		     _("could not convert from UCS-4 to UTF-8"));
+ 	    }
+ 
+@@ -492,7 +492,7 @@ main (int argc, char *argv[])
+ 	  r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
+ 	  free (q);
+ 	  if (!r)
+-	    error (EXIT_FAILURE, 0,
++	    error (EXIT_FAILURE, 0, "%s",
+ 		   _("could not convert from UTF-8 to UCS-4"));
+ 
+ 	  p = stringprep_utf8_to_locale (r);
+@@ -521,7 +521,7 @@ main (int argc, char *argv[])
+ 	      if (!q)
+ 		{
+ 		  free (p);
+-		  error (EXIT_FAILURE, 0,
++		  error (EXIT_FAILURE, 0, "%s",
+ 			 _("could not convert from UTF-8 to UCS-4"));
+ 		}
+ 
+@@ -535,7 +535,7 @@ main (int argc, char *argv[])
+ 	  r = stringprep_utf8_nfkc_normalize (p, -1);
+ 	  free (p);
+ 	  if (!r)
+-	    error (EXIT_FAILURE, 0, _("could not do NFKC normalization"));
++	    error (EXIT_FAILURE, 0, "%s", _("could not do NFKC normalization"));
+ 
+ 	  if (args_info.debug_given)
+ 	    {
+@@ -545,7 +545,7 @@ main (int argc, char *argv[])
+ 	      if (!q)
+ 		{
+ 		  free (r);
+-		  error (EXIT_FAILURE, 0,
++		  error (EXIT_FAILURE, 0, "%s",
+ 			 _("could not convert from UTF-8 to UCS-4"));
+ 		}
+